[prev in list] [next in list] [prev in thread] [next in thread] 

List:       dragonfly-commits
Subject:    git: DragonFly_RELEASE_5_6 libfetch: Fix buffer overflow (CVE-2020-7450)
From:       Antonio Huete Jimenez <tuxillo () crater ! dragonflybsd ! org>
Date:       2020-01-29 17:16:38
Message-ID: 20200129171638.6AFFF9167B8 () crater ! dragonflybsd ! org
[Download RAW message or body]


commit fd17ab246da5e83c006c3dcc23bee06babb9b6e2
Author: Antonio Huete Jimenez <tuxillo@quantumachine.net>
Date:   Wed Jan 29 17:52:50 2020 +0100

    libfetch: Fix buffer overflow (CVE-2020-7450)
    
      - A remote attacker, who can supply a malicious URL to the application
        that uses libfetch(3), can trigger memory corruption and execute arbitrary
        code on the target system.
      - FreeBSD-SA-20:01.libfetch
    
    Submitted-by: bapt, emaste

Summary of changes:
 lib/libfetch/fetch.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fd17ab246da5e83c006c3dcc23bee06babb9b6e2


-- 
DragonFly BSD source repository
[prev in list] [next in list] [prev in thread] [next in thread]